ssl: Extract CheckSecurityState so that other test suites can use it

Other test suites, e.g. HostedAppTest, need to check the security state of a tab. Change-Id: If6c5314d6878b73898011d18e8c5e18ea51b3a8b Reviewed-on: https://chromium-review.googlesource.com/958946 Commit-Queue: Giovanni Ortuño Urquidi <ortuno@chromium.org> Reviewed-by: Mustafa Emre Acer <meacer@chromium.org> Cr-Commit-Position: refs/heads/master@{#543961}

ssl: Extract CheckSecurityState so that other test suites can use it
Other test suites, e.g. HostedAppTest, need to check the security state of a tab. Change-Id: If6c5314d6878b73898011d18e8c5e18ea51b3a8b Reviewed-on: https://chromium-review.googlesource.com/958946 Commit-Queue: Giovanni Ortuño Urquidi <ortuno@chromium.org> Reviewed-by: Mustafa Emre Acer <meacer@chromium.org> Cr-Commit-Position: refs/heads/master@{#543961}
9a9b208d · Giovanni Ortuño Urquidi · Commit Bot · 90e11190 · 9a9b208d · 9a9b208d
Commit 9a9b208d authored Mar 19, 2018 by Giovanni Ortuño Urquidi Committed by Commit Bot Mar 19, 2018
4 changed files
--- a/chrome/browser/ssl/ssl_browsertest.cc
+++ b/chrome/browser/ssl/ssl_browsertest.cc
@@ -53,6 +53,7 @@
 #include "chrome/browser/ssl/mitm_software_blocking_page.h"
 #include "chrome/browser/ssl/security_state_tab_helper.h"
 #include "chrome/browser/ssl/ssl_blocking_page.h"
+#include "chrome/browser/ssl/ssl_browsertest_util.h"
 #include "chrome/browser/ssl/ssl_error_assistant.h"
 #include "chrome/browser/ssl/ssl_error_assistant.pb.h"
 #include "chrome/browser/ssl/ssl_error_handler.h"
@@ -158,6 +159,8 @@
 #include "net/cert/nss_cert_database.h"
 #endif  // defined(USE_NSS_CERTS)

+using namespace ssl_test_util;
+
 using base::ASCIIToUTF16;
 using chrome_browser_interstitials::SecurityInterstitialIDNTest;
 using content::InterstitialPage;
@@ -182,103 +185,11 @@ enum ProceedDecision {
  SSL_INTERSTITIAL_DO_NOT_PROCEED
 };

-namespace AuthState {
-
-enum AuthStateFlags {
-  NONE = 0,
-  DISPLAYED_INSECURE_CONTENT = 1 << 0,
-  RAN_INSECURE_CONTENT = 1 << 1,
-  // TODO(crbug.com/752372): Collapse SHOWING_INTERSTITIAL into SHOWING_ERROR
-  // once committed SSL interstitials are launched. For now, we automatically
-  // map SHOWING_INTERSTITIAL onto SHOWING_ERROR when committed interstitials
-  // are enabled.
-  SHOWING_INTERSTITIAL = 1 << 2,
-  SHOWING_ERROR = 1 << 3,
-  DISPLAYED_FORM_WITH_INSECURE_ACTION = 1 << 4
-};
-
-void Check(const NavigationEntry& entry, int expected_authentication_state) {
-  if (expected_authentication_state == AuthState::SHOWING_ERROR ||
-      (base::CommandLine::ForCurrentProcess()->HasSwitch(
-           switches::kCommittedInterstitials) &&
-       expected_authentication_state == AuthState::SHOWING_INTERSTITIAL)) {
-    EXPECT_EQ(content::PAGE_TYPE_ERROR, entry.GetPageType());
-  } else {
-    EXPECT_EQ(
-        !!(expected_authentication_state & AuthState::SHOWING_INTERSTITIAL)
-            ? content::PAGE_TYPE_INTERSTITIAL
-            : content::PAGE_TYPE_NORMAL,
-        entry.GetPageType());
-  }
-
-  bool displayed_insecure_content =
-      !!(entry.GetSSL().content_status & SSLStatus::DISPLAYED_INSECURE_CONTENT);
-  EXPECT_EQ(
-      !!(expected_authentication_state & AuthState::DISPLAYED_INSECURE_CONTENT),
-      displayed_insecure_content);
-
-  bool ran_insecure_content =
-      !!(entry.GetSSL().content_status & SSLStatus::RAN_INSECURE_CONTENT);
-  EXPECT_EQ(!!(expected_authentication_state & AuthState::RAN_INSECURE_CONTENT),
-            ran_insecure_content);
-
-  bool displayed_form_with_insecure_action =
-      !!(entry.GetSSL().content_status &
-         SSLStatus::DISPLAYED_FORM_WITH_INSECURE_ACTION);
-  EXPECT_EQ(!!(expected_authentication_state &
-               AuthState::DISPLAYED_FORM_WITH_INSECURE_ACTION),
-            displayed_form_with_insecure_action);
-}
-
-}  // namespace AuthState
-
-namespace SecurityStyle {
-
-void Check(WebContents* tab,
-           security_state::SecurityLevel expected_security_level) {
-  SecurityStateTabHelper* helper = SecurityStateTabHelper::FromWebContents(tab);
-  security_state::SecurityInfo security_info;
-  helper->GetSecurityInfo(&security_info);
-  EXPECT_EQ(expected_security_level, security_info.security_level);
-}
-
-}  // namespace SecurityStyle
-
-namespace CertError {
-
-enum CertErrorFlags { NONE = 0 };
-
-void Check(const NavigationEntry& entry, net::CertStatus error) {
-  if (error) {
-    EXPECT_EQ(error, entry.GetSSL().cert_status & error);
-    net::CertStatus extra_cert_errors =
-        error ^ (entry.GetSSL().cert_status & net::CERT_STATUS_ALL_ERRORS);
-    EXPECT_FALSE(extra_cert_errors)
-        << "Got unexpected cert error: " << extra_cert_errors;
-  } else {
-    EXPECT_EQ(0U, entry.GetSSL().cert_status & net::CERT_STATUS_ALL_ERRORS);
-  }
-}
-
-}  // namespace CertError
-
 bool AreCommittedInterstitialsEnabled() {
  return base::CommandLine::ForCurrentProcess()->HasSwitch(
      switches::kCommittedInterstitials);
 }

-void CheckSecurityState(WebContents* tab,
-                        net::CertStatus expected_error,
-                        security_state::SecurityLevel expected_security_level,
-                        int expected_authentication_state) {
-  ASSERT_FALSE(tab->IsCrashed());
-  NavigationEntry* entry = tab->GetController().GetActiveEntry();
-  ASSERT_TRUE(entry);
-  CertError::Check(*entry, expected_error);
-  SecurityStyle::Check(tab, expected_security_level);
-  AuthState::Check(*entry, expected_authentication_state);
-}
-
 void CheckProceedLinkExists(WebContents* tab) {
  int result = security_interstitials::CMD_ERROR;
  const std::string javascript = base::StringPrintf(

--- a/chrome/browser/ssl/ssl_browsertest_util.cc
+++ b/chrome/browser/ssl/ssl_browsertest_util.cc
+// Copyright 2018 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/ssl/ssl_browsertest_util.h"
+
+#include "base/command_line.h"
+#include "chrome/browser/ssl/security_state_tab_helper.h"
+#include "chrome/common/chrome_switches.h"
+#include "components/security_state/core/security_state.h"
+#include "content/public/browser/navigation_entry.h"
+#include "content/public/browser/ssl_status.h"
+#include "content/public/common/page_type.h"
+#include "net/cert/cert_status_flags.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+namespace ssl_test_util {
+
+namespace AuthState {
+
+void Check(const content::NavigationEntry& entry,
+           int expected_authentication_state) {
+  if (expected_authentication_state == AuthState::SHOWING_ERROR ||
+      (base::CommandLine::ForCurrentProcess()->HasSwitch(
+           switches::kCommittedInterstitials) &&
+       expected_authentication_state == AuthState::SHOWING_INTERSTITIAL)) {
+    EXPECT_EQ(content::PAGE_TYPE_ERROR, entry.GetPageType());
+  } else {
+    EXPECT_EQ(
+        !!(expected_authentication_state & AuthState::SHOWING_INTERSTITIAL)
+            ? content::PAGE_TYPE_INTERSTITIAL
+            : content::PAGE_TYPE_NORMAL,
+        entry.GetPageType());
+  }
+
+  bool displayed_insecure_content =
+      !!(entry.GetSSL().content_status &
+         content::SSLStatus::DISPLAYED_INSECURE_CONTENT);
+  EXPECT_EQ(
+      !!(expected_authentication_state & AuthState::DISPLAYED_INSECURE_CONTENT),
+      displayed_insecure_content);
+
+  bool ran_insecure_content = !!(entry.GetSSL().content_status &
+                                 content::SSLStatus::RAN_INSECURE_CONTENT);
+  EXPECT_EQ(!!(expected_authentication_state & AuthState::RAN_INSECURE_CONTENT),
+            ran_insecure_content);
+
+  bool displayed_form_with_insecure_action =
+      !!(entry.GetSSL().content_status &
+         content::SSLStatus::DISPLAYED_FORM_WITH_INSECURE_ACTION);
+  EXPECT_EQ(!!(expected_authentication_state &
+               AuthState::DISPLAYED_FORM_WITH_INSECURE_ACTION),
+            displayed_form_with_insecure_action);
+}
+
+}  // namespace AuthState
+
+namespace SecurityStyle {
+
+void Check(content::WebContents* tab,
+           security_state::SecurityLevel expected_security_level) {
+  SecurityStateTabHelper* helper = SecurityStateTabHelper::FromWebContents(tab);
+  security_state::SecurityInfo security_info;
+  helper->GetSecurityInfo(&security_info);
+  EXPECT_EQ(expected_security_level, security_info.security_level);
+}
+
+}  // namespace SecurityStyle
+
+namespace CertError {
+
+void Check(const content::NavigationEntry& entry, net::CertStatus error) {
+  if (error) {
+    EXPECT_EQ(error, entry.GetSSL().cert_status & error);
+    net::CertStatus extra_cert_errors =
+        error ^ (entry.GetSSL().cert_status & net::CERT_STATUS_ALL_ERRORS);
+    EXPECT_FALSE(extra_cert_errors)
+        << "Got unexpected cert error: " << extra_cert_errors;
+  } else {
+    EXPECT_EQ(0U, entry.GetSSL().cert_status & net::CERT_STATUS_ALL_ERRORS);
+  }
+}
+
+}  // namespace CertError
+
+void CheckSecurityState(content::WebContents* tab,
+                        net::CertStatus expected_error,
+                        security_state::SecurityLevel expected_security_level,
+                        int expected_authentication_state) {
+  ASSERT_FALSE(tab->IsCrashed());
+  content::NavigationEntry* entry = tab->GetController().GetActiveEntry();
+  ASSERT_TRUE(entry);
+  CertError::Check(*entry, expected_error);
+  SecurityStyle::Check(tab, expected_security_level);
+  AuthState::Check(*entry, expected_authentication_state);
+}
+
+}  // namespace ssl_test_util
--- a/chrome/browser/ssl/ssl_browsertest_util.h
+++ b/chrome/browser/ssl/ssl_browsertest_util.h
+// Copyright 2018 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_SSL_SSL_BROWSERTEST_UTIL_H_
+#define CHROME_BROWSER_SSL_SSL_BROWSERTEST_UTIL_H_
+
+#include "components/security_state/core/security_state.h"
+#include "net/cert/cert_status_flags.h"
+
+namespace content {
+class WebContents;
+}
+
+namespace ssl_test_util {
+
+namespace AuthState {
+
+enum AuthStateFlags {
+  NONE = 0,
+  DISPLAYED_INSECURE_CONTENT = 1 << 0,
+  RAN_INSECURE_CONTENT = 1 << 1,
+  // TODO(crbug.com/752372): Collapse SHOWING_INTERSTITIAL into SHOWING_ERROR
+  // once committed SSL interstitials are launched. For now, we automatically
+  // map SHOWING_INTERSTITIAL onto SHOWING_ERROR when committed interstitials
+  // are enabled.
+  SHOWING_INTERSTITIAL = 1 << 2,
+  SHOWING_ERROR = 1 << 3,
+  DISPLAYED_FORM_WITH_INSECURE_ACTION = 1 << 4
+};
+
+}  // namespace AuthState
+
+namespace CertError {
+
+enum CertErrorFlags { NONE = 0 };
+
+}  // namespace CertError
+
+// Checks that |tab|'s
+//  - certificate status flags match |expected_error|.
+//  - security level is |expected_security_level|.
+//  - authentication state is |expected_authentication_state|.
+//
+// |expected_authentication_state| should be a AuthStateFlags.
+void CheckSecurityState(content::WebContents* tab,
+                        net::CertStatus expected_error,
+                        security_state::SecurityLevel expected_security_level,
+                        int expected_authentication_state);
+
+}  // namespace ssl_test_util
+
+#endif  // CHROME_BROWSER_SSL_SSL_BROWSERTEST_UTIL_H_
--- a/chrome/test/BUILD.gn
+++ b/chrome/test/BUILD.gn
@@ -714,6 +714,8 @@ test("browser_tests") {
      "../browser/ssl/connection_help_tab_helper_browsertest.cc",
      "../browser/ssl/security_state_tab_helper_browsertest.cc",
      "../browser/ssl/ssl_browsertest.cc",
+      "../browser/ssl/ssl_browsertest_util.cc",
+      "../browser/ssl/ssl_browsertest_util.h",
      "../browser/ssl/ssl_client_certificate_selector_test.cc",
      "../browser/ssl/ssl_client_certificate_selector_test.h",
      "../browser/ssl/typed_navigation_timing_throttle_browsertest.cc",